- Update to 2.0.3

- Create own user and group - Fix and update patches PR: ports/122097 Submitted by: David Wood <david@wood2.org.uk> (maintainer)
svn path=/head/; revision=210380
2008-04-02 13:07:01 +00:00 · 2008-04-02 13:07:01 +00:00 · 99db8b743d · 2021-03-31 03:12:20 +00:00
commit 99db8b743d
parent fb83a8be1d
8 changed files with 292 additions and 23 deletions
--- a/net/freeradius2/Makefile
+++ b/net/freeradius2/Makefile
@ -6,7 +6,7 @@
 #

 PORTNAME=	freeradius
-DISTVERSION=	2.0.1
+DISTVERSION=	2.0.3
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \
 		ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \
@ -40,7 +40,8 @@ CFLAGS+=	-I${LOCALBASE}/include -L${LOCALBASE}/lib

 PLIST_SUB=	PORTVERSION=${DISTVERSION}

-OPTIONS=	KERBEROS	"With Kerberos support" off \
+OPTIONS=	USER		"Run as user freeradius, group freeradius" on \
+		KERBEROS	"With Kerberos support" off \
 		HEIMDAL		"With Heimdal Kerberos support" off \
 		LDAP		"With LDAP database support" off \
 		MYSQL		"With MySQL database support" off \
@ -54,6 +55,10 @@ OPTIONS=	KERBEROS	"With Kerberos support" off \
 # Default requirements for rc script
 _REQUIRE=	NETWORKING SERVERS

+# User and group to use if USER is set
+USER=	freeradius
+GROUP=	freeradius
+
 CONFIGURE_ARGS=	--quiet \
 		--prefix=${PREFIX} \
 		--localstatedir=/var \
@ -80,6 +85,7 @@ CONFIGURE_ARGS+=--with-rlm-python-lib-dir=${PYTHON_LIBDIR} \
 		--without-rlm_sql_db2 \
 		--without-rlm_sql_iodbc \
 		--without-rlm_sql_oracle \
+		--without-rlm_sql_sqlite \
 		--without-rlm_sql_sybase \
 		--without-rlm_sql_unixodbc \
 		--with-vmps
@ -88,6 +94,41 @@ CONFIGURE_ARGS+=--with-rlm-python-lib-dir=${PYTHON_LIBDIR} \
 CONFIGURE_ARGS+=	--with-pic
 .endif

+# Credentials for WITH_USER are RADIUS_USER, RADIUS_UID, RADIUS_GECOS,
+# RADIUS_HOME, RADIUS_SHELL, RADIUS_GROUP and RADIUS_GID.
+
+# Parse ${PORTSDIR}/UIDs and GIDs for the defaults
+USER!=	${GREP} -E '^${USER}:' ${PORTSDIR}/UIDs | \
+		${SED} -Ee 's/^([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*):([^:]*)$$/USER="\1" UID="\3" GECOS="\5" HOME="\6" SHELL="\7"/'
+GROUP!=	${GREP} -E '^${GROUP}:' ${PORTSDIR}/GIDs | \
+		${SED} -Ee 's/^([^:]*):([^:]*):([^:]*):$$/GROUP="\1" GID="\3"/'
+
+# Apply the defaults where necessary
+RADIUS_USER?=	${USER:MUSER*:C/^[^=]*=\"([^\"]*)\"$/\1/}
+RADIUS_UID?=	${USER:MUID*:C/^[^=]*=\"([^\"]*)\"$/\1/}
+RADIUS_GECOS?=	${USER:MGECOS*:C/^[^=]*=\"([^\"]*)\"$/\1/}
+RADIUS_HOME?=	${USER:MHOME*:C/^[^=]*=\"([^\"]*)\"$/\1/}
+RADIUS_SHELL?=	${USER:MSHELL*:C/^[^=]*=\"([^\"]*)\"$/\1/}
+RADIUS_GROUP?=	${GROUP:MGROUP*:C/^[^=]*=\"([^\"]*)\"$/\1/}
+RADIUS_GID?=	${GROUP:MGID*:C/^[^=]*=\"([^\"]*)\"$/\1/}
+
+SUB_LIST+=	USER="${RADIUS_USER}" \
+		UID="${RADIUS_UID}" \
+		GECOS="${RADIUS_GECOS}" \
+		HOME="${RADIUS_HOME}" \
+		SHELL="${RADIUS_SHELL}" \
+		GROUP="${RADIUS_GROUP}" \
+		GID="${RADIUS_GID}" \
+		RADDB_WORK="${WRKSRC}/raddb" \
+		RADDB="${PREFIX}/etc/raddb" \
+		LOGDIR="${LOGDIR}"
+SUB_FILES+=	pkg-install pkg-deinstall
+.ifdef(WITH_USER)
+SUB_LIST+=	RUN_AS_USER="yes"
+.else
+SUB_LIST+=	RUN_AS_USER="no"
+.endif
+
 .if defined(WITH_HEIMDAL) && !defined(WITH_KERBEROS)
 WITH_KERBEROS=	yes
 .endif
@ -226,6 +267,11 @@ pre-configure:
 		&& ${AUTOCONF} -I ${WRKSRC}
 	@cd ${WRKSRC}/src/modules/rlm_python && ${AUTOCONF} -I ${WRKSRC}

+pre-install:
+# Run pkg-install PRE-INSTALL
+	@${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} \
+		PRE-INSTALL
+
 post-install:
 # Create (if necessary) ${PREFIX}/etc/raddb and subdirectories using
 # ${EXAMPLESDIR}/raddb as the model layout
@ -247,5 +293,8 @@ post-install:
 # Set ${PREFIX}/etc/raddb and all the files and folders in it to g-w,o-rwx
 # (FreeRADIUS will probably complain if this is not done)
 	@${CHMOD} -R g-w,o-rwx ${PREFIX}/etc/raddb
+# Run pkg-install POST-INSTALL
+	@${SETENV} PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} \
+		POST-INSTALL

 .include <bsd.port.post.mk>
--- a/net/freeradius2/distinfo
+++ b/net/freeradius2/distinfo
@ -1,3 +1,3 @@
-MD5 (freeradius-server-2.0.1.tar.bz2) = 670810d0ee7e80999fcd753cfdcecdb4
-SHA256 (freeradius-server-2.0.1.tar.bz2) = d5e1cd96762cc2091d64198bc50d03690f94dfd4d96b36a042dda1490b8143df
-SIZE (freeradius-server-2.0.1.tar.bz2) = 2270018
+MD5 (freeradius-server-2.0.3.tar.bz2) = 3cd647f40880dee8693f2e74ab5416e9
+SHA256 (freeradius-server-2.0.3.tar.bz2) = 3184e9be6d88df3cdf72a08a7e00222c17bc360289ecf14219df9c81d68d7f79
+SIZE (freeradius-server-2.0.3.tar.bz2) = 2298963
--- a/net/freeradius2/files/patch-pthread
+++ b/net/freeradius2/files/patch-pthread
@ -108,9 +108,9 @@
     fi
 
     if test "x$mysql_with_threads" = "xyes"; then
--- src/modules/rlm_python/configure.in	Thu May 15 15:52:02 2003
-+++ src/modules/rlm_python/configure.in	Thu Aug  2 12:43:47 2007
-@@ -84,6 +84,44 @@
+--- src/modules/rlm_python/configure.in	Mon May 14 23:27:21 2007
+++ src/modules/rlm_python/configure.in	Tue Mar 18 13:52:32 2008
+@@ -85,6 +85,34 @@
 		FR_SMART_CHECK_LIB(python${PY_VERSION}, Py_Initialize)
 		LIBS=$old_LIBS
 
@ -118,10 +118,7 @@
 +dnl # in case libpython is threaded
 +
 +		if test "x$smart_lib" = "x"; then
-+		    AC_MSG_NOTICE([Checking to see if libpython may be threaded.])
-+		    dnl pthread stuff is usually in -lpthread
-+		    dnl or in -lc_r, on *BSD
-+		    dnl FreeBSD uses -pthread
+		    AC_MSG_NOTICE([Checking to see if libpython needs -pthread.])
 +		    libpython_with_threads="yes"
 +		    case "$host" in
 +		    *-freebsd*)
@ -133,13 +130,6 @@
 +		        fi
 +		    ;;
 +		    *)
-+		        AC_CHECK_LIB(pthread, pthread_create,
-+				     [ LIBS="-lpthread $LIBS" ],
-+				     AC_CHECK_LIB(c_r, pthread_create,
-+					          [ LIBS="-lc_r $LIBS" ],
-+					          [ libpython_with_threads="no" ]
-+					          )
-+				     )
 +		    ;;
 +		    esac
 +
--- a/net/freeradius2/files/patch-sites-available
+++ b/net/freeradius2/files/patch-sites-available
@ -0,0 +1,31 @@
+--- raddb/Makefile	Tue Feb 26 09:32:29 2008
+++ raddb/Makefile	Tue Mar 18 13:13:41 2008
+@@ -1,7 +1,7 @@
+ #
+ # Makefile
+ #
+-# Version:      $Id: Makefile,v 1.37 2008/02/26 09:32:29 aland Exp $
+# Version:      $Id: Makefile,v 1.38 2008/03/18 06:33:03 aland Exp $
+ #
+ 
+ include ../Make.inc
+@@ -13,9 +13,7 @@
+ 	attrs.pre-proxy clients.conf dictionary eap.conf templates.conf	\
+ 	experimental.conf hints huntgroups ldap.attrmap otp.conf	\
+ 	policy.txt preproxy_users proxy.conf radiusd.conf		\
+-	snmp.conf sql.conf sqlippool.conf users	policy.conf	\
+-	sites-available/default sites-available/example \
+-	sites-available/README
+	snmp.conf sql.conf sqlippool.conf users	policy.conf
+ 
+ #
+ #	This target is here for local debugging
+@@ -33,7 +31,7 @@
+ 	$(INSTALL) -d -m 750	$(R)$(raddbdir)/sites-available
+ 	$(INSTALL) -d -m 750	$(R)$(raddbdir)/sites-enabled
+ 	@echo "Creating/updating files in $(R)$(raddbdir)"; \
+-	for i in $(FILES); do \
+	for i in $(FILES) `ls sites-available/* | sed 's/CVS//'`; do \
+ 		[ ! -f $(R)$(raddbdir)/$$i ] && $(INSTALL) -m 640 $$i $(R)$(raddbdir)/$$i; \
+ 		if [ "`find $$i -newer $(R)$(raddbdir)/$$i`" ]; then \
+ 			echo "** $(R)$(raddbdir)/$$i"; \
--- a/net/freeradius2/files/pkg-deinstall.in
+++ b/net/freeradius2/files/pkg-deinstall.in
@ -0,0 +1,32 @@
+#!/bin/sh
+# $FreeBSD$
+
+if [ %%RUN_AS_USER%% != "yes" ]; then exit 0; fi
+
+case $2 in
+    POST-DEINSTALL)
+	cat <<EOMSG
+
+If you are not upgrading and don't intend to use
+FreeRADIUS any more then you may wish to delete
+the %%GROUP%% group, which can be done with the
+following command:
+
+    # pw groupdel %%GROUP%%
+
+You may also wish to delete the %%USER%% user,
+which can be done with the following command:
+
+    # pw userdel %%USER%%
+EOMSG
+        ;;
+esac
+
+
+# Emacs variables
+
+# Local Variables:
+# mode: sh
+# sh-basic-offset: 4
+# sh-indent-comment: nil
+# End:
--- a/net/freeradius2/files/pkg-install.in
+++ b/net/freeradius2/files/pkg-install.in
@ -0,0 +1,158 @@
+#!/bin/sh
+# $FreeBSD$
+
+PATH=/usr/sbin:/usr/bin:/bin ; export PATH
+
+radius_user="%%USER%%"
+radius_uid="%%UID%%"
+radius_gecos="%%GECOS%%"
+radius_home="%%HOME%%"
+radius_shell="%%SHELL%%"
+
+radius_group="%%GROUP%%"
+radius_gid="%%GID%%"
+
+radius_raddb_work="%%RADDB_WORK%%"
+radius_raddb="%%RADDB%%"
+radius_logdir="%%LOGDIR%%"
+
+radius_run_as_user="%%RUN_AS_USER%%"
+
+
+create_group() {
+    local user uid group gid gecos home shell
+
+    user=$1
+    uid=$2
+    group=$3
+    gid=$4
+    gecos=$5
+    home=$6
+    shell=$7
+
+
+    if pw group show -n $group >/dev/null 2>&1 ; then
+        echo "===> Using existing group $group"
+    else
+        if pw groupadd -n $group -g $gid ; then
+            echo "===> Created group $group"
+        else
+            cat <<-EOERRORMSG
+*** Failed to create group $group.
+
+Please add user $user and group $group
+manually with the following commands:
+
+    pw groupadd -n $group -g $gid
+    pw useradd -n $user -u $uid -g $group -c "$gecos" \\
+        -d $home -s $shell -h -
+
+and retry installing this package.
+EOERRORMSG
+            exit 1
+        fi
+    fi
+
+}
+
+
+create_user() {
+    local user uid group gid gecos home shell
+
+    user=$1
+    uid=$2
+    group=$3
+    gid=$4
+    gecos=$5
+    home=$6
+    shell=$7
+
+    if pw user show -n $user >/dev/null 2>&1 ; then
+        echo "===> Using existing user $user"
+    else
+        if pw useradd -n $user -u $uid -g $group -c "$gecos" \
+            -d $home -s $shell -h - ; then
+            echo "===> Created user $user"
+        else
+            cat <<-EOERRORMSG
+*** Failed to create user $user.
+
+Please add user $user manually with the following command:
+
+    pw useradd -n $user -u $uid -g $group -c "$gecos" \\
+       -d $home -s $shell -h -
+
+and retry installing this package.
+EOERRORMSG
+            exit 1
+        fi
+    fi
+}
+
+
+if [ ${radius_run_as_user} != "yes" ]; then exit 0; fi
+
+case $2 in
+    PRE-INSTALL)
+        # Create the radius user and group if they do not already exist
+        create_group $radius_user $radius_uid $radius_group $radius_gid \
+                     "$radius_gecos" $radius_home $radius_shell
+        create_user  $radius_user $radius_uid $radius_group $radius_gid \
+                     "$radius_gecos" $radius_home $radius_shell
+
+        # Fix the user and group in raddb/radiusd.conf
+	echo "===> Setting user and group in radiusd.conf"
+	for file in ${radius_raddb_work}/radiusd.conf ${radius_raddb}/radiusd.conf; do
+	    if [ -f ${file} ]; then
+		if ! sed -Ee "s/^[[:space:]#](user[[:space:]]*=[[:space:]]*).*$/\1${radius_user}/" \
+		    -e "s/^[[:space:]#](group[[:space:]]*=[[:space:]]*).*$/\1${radius_group}/" \
+		    -i .orig ${file}; then
+		    echo "Failed to patch ${file}."
+		    exit 1
+		fi
+		if [ -f ${file}.orig ]; then
+                    if ! rm ${file}.orig; then
+			echo "Failed to delete backup file ${file}.orig."
+			exit 1
+		    fi
+                fi
+	    fi
+	done
+
+        ;;
+
+    POST-INSTALL)
+        # Change ownership of directories
+	for dir in $radius_raddb $radius_logdir/radacct \
+	    /var/run/radiusd ; do
+	    if [ -d $dir ] || [ -L $dir ]; then
+		echo "===> Adjusting ownership of directory ${dir}"
+		if ! chown -HR $radius_user:$radius_group $dir; then
+		    echo "Failed to adjust ownership of ${dir}."
+		    exit 1
+		fi
+	    fi
+	done
+
+	for file in $radius_logdir/radius.log $radius_logdir/radutmp \
+	    $radius_logdir/radwtmp; do
+	    if [ -f $file ]; then
+		echo "===> Adjusting ownership of ${file}"
+		if ! chown $radius_user:$radius_group $file; then
+		    echo "Failed to adjust ownership of ${file}."
+		    exit 1
+		fi
+	    fi
+	done
+
+        ;;
+esac
+
+
+# Emacs variables
+
+# Local Variables:
+# mode: sh
+# sh-basic-offset: 4
+# sh-indent-comment: nil
+# End:
--- a/net/freeradius2/files/radiusd.sh.in
+++ b/net/freeradius2/files/radiusd.sh.in
@ -1,9 +1,10 @@
 #!/bin/sh
-
+#
+# $FreeBSD$
+#
 # PROVIDE: radiusd
 # REQUIRE: %%REQUIRE%%
 # KEYWORD: shutdown
-
 #
 # Add the following lines to /etc/rc.conf to enable radiusd:
 #
--- a/net/freeradius2/pkg-plist
+++ b/net/freeradius2/pkg-plist
@ -48,9 +48,15 @@ bin/smbencrypt
 %%EXAMPLESDIR%%/raddb/proxy.conf
 %%EXAMPLESDIR%%/raddb/radiusd.conf
 %%EXAMPLESDIR%%/raddb/sites-available/README
+%%EXAMPLESDIR%%/raddb/sites-available/buffered-sql
+%%EXAMPLESDIR%%/raddb/sites-available/copy-acct-to-home-server
 %%EXAMPLESDIR%%/raddb/sites-available/default
 %%EXAMPLESDIR%%/raddb/sites-available/example
+%%EXAMPLESDIR%%/raddb/sites-available/inner-tunnel
+%%EXAMPLESDIR%%/raddb/sites-available/proxy-inner-tunnel
+%%EXAMPLESDIR%%/raddb/sites-available/vmps
 %%EXAMPLESDIR%%/raddb/sites-enabled/default
+%%EXAMPLESDIR%%/raddb/sites-enabled/inner-tunnel
 %%EXAMPLESDIR%%/raddb/snmp.conf
 %%EXAMPLESDIR%%/raddb/sql.conf
 %%EXAMPLESDIR%%/raddb/sql/mssql/dialup.conf
@ -485,6 +491,7 @@ include/freeradius/vqp.h
 %%PORTDOCS%%%%DOCSDIR%%/rfc/rfc4818.txt
 %%PORTDOCS%%%%DOCSDIR%%/rfc/rfc4849.txt
 %%PORTDOCS%%%%DOCSDIR%%/rfc/rfc5080.txt
+%%PORTDOCS%%%%DOCSDIR%%/rfc/rfc5176.txt
 %%PORTDOCS%%%%DOCSDIR%%/rlm_dbm
 %%PORTDOCS%%%%DOCSDIR%%/rlm_eap
 %%PORTDOCS%%%%DOCSDIR%%/rlm_expiration
@ -596,6 +603,7 @@ include/freeradius/vqp.h
 %%DATADIR%%/dictionary.rfc4679
 %%DATADIR%%/dictionary.rfc4818
 %%DATADIR%%/dictionary.rfc4849
+%%DATADIR%%/dictionary.rfc5176
 %%DATADIR%%/dictionary.riverstone
 %%DATADIR%%/dictionary.roaringpenguin
 %%DATADIR%%/dictionary.shasta
@ -622,7 +630,7 @@ include/freeradius/vqp.h
 %%DATADIR%%/dictionary.xylan
 %%DATADIR%%/dictionary.zyxel
@dirrm %%DATADIR%%
-@exec mkdir -p /var/log/raddb
-@exec chmod -R og= /var/log/raddb
+@exec if [ ! -d /var/log/radacct ]; then mkdir -p /var/log/radacct; chmod -R go= /var/log/radacct; fi
+@exec for i in /var/log/radius.log /var/log/radutmp /var/log/radwtmp; do if [ ! -f ${i} ]; then touch ${i}; chmod go= ${i}; fi; done
@exec mkdir -p /var/run/radiusd
@unexec rm -fr /var/run/radiusd